export interface ClientAuth {
    id?: number;
    username: string;
    clientid: string;
    password?: string;
    password_hash: string;
    salt: string;
    use_salt?: boolean;
    status: 'enabled' | 'disabled';
    device_type?: string;
    description?: string;
    is_superuser?: boolean;
    created_at?: Date;
    updated_at?: Date;
    last_login_at?: Date;
    auth_method?: 'password' | 'token' | 'certificate' | 'external';
    auth_expiry?: Date | null;
    allowed_ip_ranges?: string | null;
    allowed_time_ranges?: string | null;
    auth_policy_id?: number | null;
}
export interface AuthMethod {
    id: number;
    method_name: string;
    method_type: 'password' | 'token' | 'certificate' | 'external';
    config: any;
    is_active: boolean;
    created_at: Date;
    updated_at: Date;
}
export interface AuthPolicy {
    id: number;
    policy_name: string;
    priority: number;
    conditions: any;
    actions: any;
    is_active: boolean;
    description?: string;
    created_at: Date;
    updated_at: Date;
}
export interface ClientToken {
    id?: number;
    clientid: string;
    token_type: 'jwt' | 'temporary' | 'refresh';
    token_value: string;
    expires_at: Date;
    status: 'active' | 'revoked' | 'expired';
    created_at?: Date;
    updated_at?: Date;
}
export interface ClientCertificate {
    id?: number;
    clientid: string;
    certificate_pem: string;
    fingerprint: string;
    expires_at: Date;
    status: 'active' | 'revoked' | 'expired';
    created_at?: Date;
    updated_at?: Date;
}
export declare class ClientAuthModel {
    static generateSalt(): string;
    static generatePasswordHash(password: string, salt: string, useSalt?: boolean): string;
    static generatePasswordHashPBKDF2(password: string, salt: string): string;
    static verifyPassword(password: string, salt: string, hash: string, useSalt?: boolean): boolean;
    static verifyDynamicPassword(username: string, clientid: string, password: string): Promise<{
        valid: boolean;
    }>;
    static getAll(limit?: number, offset?: number): Promise<ClientAuth[]>;
    static getById(id: number): Promise<ClientAuth | null>;
    static getByUsernameAndClientid(username: string, clientid: string): Promise<ClientAuth | null>;
    static getByStatus(status: string): Promise<ClientAuth[]>;
    static getCount(): Promise<number>;
    static getStatusStats(): Promise<any>;
    static getDeviceTypeStats(): Promise<any[]>;
    static create(clientAuthData: Omit<ClientAuth, 'id' | 'created_at' | 'updated_at'>): Promise<ClientAuth>;
    static update(id: number, updateData: Partial<Omit<ClientAuth, 'id' | 'created_at'>>): Promise<ClientAuth | null>;
    static updatePassword(id: number, newPassword: string, useSalt?: boolean): Promise<boolean>;
    static delete(id: number): Promise<boolean>;
    static search(searchTerm: string, limit?: number, offset?: number): Promise<ClientAuth[]>;
    static getSearchCount(searchTerm: string): Promise<number>;
    static getByUsername(username: string): Promise<ClientAuth | null>;
    static getByClientId(clientid: string): Promise<ClientAuth | null>;
    static verifyClient(username: string, clientid: string, password: string): Promise<boolean>;
    static getAuthMethods(): Promise<AuthMethod[]>;
    static getAuthMethodById(id: number): Promise<AuthMethod | null>;
    static getAuthMethodByName(name: string): Promise<AuthMethod | null>;
    static createAuthMethod(authMethod: Omit<AuthMethod, 'id' | 'created_at' | 'updated_at'>): Promise<AuthMethod>;
    static updateAuthMethod(id: number, updateData: Partial<Omit<AuthMethod, 'id' | 'created_at'>>): Promise<AuthMethod | null>;
    static deleteAuthMethod(id: number): Promise<boolean>;
    static getAuthPolicies(): Promise<AuthPolicy[]>;
    static getAuthPolicyById(id: number): Promise<AuthPolicy | null>;
    static createAuthPolicy(authPolicy: Omit<AuthPolicy, 'id' | 'created_at' | 'updated_at'>): Promise<AuthPolicy>;
    static updateAuthPolicy(id: number, updateData: Partial<Omit<AuthPolicy, 'id' | 'created_at'>>): Promise<AuthPolicy | null>;
    static deleteAuthPolicy(id: number): Promise<boolean>;
    static getClientTokens(clientid: string): Promise<ClientToken[]>;
    static getClientTokenByValue(tokenValue: string): Promise<ClientToken | null>;
    static createClientToken(clientToken: Omit<ClientToken, 'id' | 'created_at' | 'updated_at'>): Promise<ClientToken>;
    static updateClientToken(id: number, updateData: Partial<Omit<ClientToken, 'id' | 'created_at'>>): Promise<ClientToken | null>;
    static deleteClientToken(id: number): Promise<boolean>;
    static getClientCertificates(clientid: string): Promise<ClientCertificate[]>;
    static getClientCertificateByFingerprint(fingerprint: string): Promise<ClientCertificate | null>;
    static createClientCertificate(clientCertificate: Omit<ClientCertificate, 'id' | 'created_at' | 'updated_at'>): Promise<ClientCertificate>;
    static updateClientCertificate(id: number, updateData: Partial<Omit<ClientCertificate, 'id' | 'created_at'>>): Promise<ClientCertificate | null>;
    static deleteClientCertificate(id: number): Promise<boolean>;
    static dynamicAuthVerify(username: string, clientid: string, authData: any, ipAddress?: string): Promise<{
        success: boolean;
        reason?: string;
        policy?: any;
    }>;
    private static verifyByMethod;
    private static applyAuthPolicy;
    private static isIpAllowed;
    private static isTimeAllowed;
    static findByUsernameAndClientId(username: string, clientid: string): Promise<ClientAuth | null>;
    static findByUsername(username: string): Promise<ClientAuth | null>;
    static updateLastLogin(username: string, clientid: string): Promise<void>;
    static logAuthEvent(clientid: string, username: string, operationType: string, result: 'success' | 'failure', reason?: string, ipAddress?: string, topic?: string, authMethod?: string, policyId?: number, executionTime?: number): Promise<void>;
}
//# sourceMappingURL=clientAuth.d.ts.map